SEI Documents List
2003 Reports
Annual Report
2003 Annual Report
Annual Report, 2003
The 2003 SEI Annual Report describes the accomplishments of the SEI during fiscal year 2003 (October 1, 2002 through September 30, 2003). For each of the SEI's focus areas, the report summarizes key research and support that the SEI provided for developers and acquirers of software-intensive systems. The report also presents information about the SEI, its staff members, and its organization, including staff accomplishments, publications, leadership positions, demographics, dissemination activities, and funding data.
http://www.sei.cmu.edu/publications/documents/03.reports/03ar/
Handbooks
CMU/SEI-2003-HB-002
ADA413778
Handbook for Computer Security Incident Response Teams (CSIRTs)
West Brown, M.; Stikvoort, D.; Kossakowski, K.; Killcrece, G.; Ruefle, R.; & Zajicek, M.
This document provides guidance on forming and operating a computer security incident response team (CSIRT). In particular, it helps an organization to define and document the nature and scope of a computer security incident handling service, which is the core service of a CSIRT. The document explains the functions that make up the service; how those functions interrelate; and the tools, procedures, and roles necessary to implement the service. This document also describes how CSIRTs interact with other organizations and how to handle sensitive information. In addition, operational and technical issues are covered, such as equipment, security, and staffing considerations.
This document is intended to provide a valuable resource to both newly forming teams and existing teams whose services, policies, and procedures are not clearly defined or documented. The primary audience for this document is managers who are responsible for the creation or operation of a CSIRT or an incident handling service. It can also be used as a reference for all CSIRT staff, higher level managers, and others who interact with a CSIRT.
http://www.sei.cmu.edu/publications/documents/03.reports/03hb002.html
CMU/SEI-2003-HB-001
ADA421684
Organizational Models for Computer Security Incident Response Teams (CSIRTs)
Killcrece, G.; Kossakowski, K.; Ruefle, R.; & Zajicek, M.
When a computer security attack on an organization occurs, an intrusion is recognized, or some other kind of computer security incident occurs, it is critical for the organization to have a fast and effective means of responding. One method of addressing this need is to establish a formal incident response capability or a Computer Security Incident Response Team (CSIRT). When an incident occurs, the goal of the CSIRT is to control and minimize any damage, preserve evidence, provide quick and efficient recovery, prevent similar future events, and gain insight into threats against the organization.
This handbook describes different organizational models for implementing incident handling capabilities, including each model's advantages and disadvantages and the kinds of incident management services that best fit with it. An earlier SEI publication, the Handbook for Computer Security Incident Response Teams (CSIRTs) (CMU/SEI-2003-HB-002), provided the baselines for establishing incident response capabilities. This new handbook builds on that coverage by enabling organizations to compare and evaluate CSIRT models. Based on this review they can then identify a model for implementation that addresses their needs and requirements.
http://www.sei.cmu.edu/publications/documents/03.reports/03hb001.html
Process Maturity Profiles
The purpose of the Maturity Profiles is to:
- demonstrate the use of SEI models and appraisal methods
- provide a public service to the engineering community to assist in their improvement efforts
The profiles are intended to provide a snapshot of the state of process maturity in a way that individual organizations' maturity levels cannot be identified or inferred. Therefore, requests to the SEI to provide this information in different views or levels of detail for other uses cannot be fulfilled.
The Published Maturity Levels page is provided as a public service to organizations that wish to publicize their maturity rating; however, as stated in the disclaimers on that page, the SEI has in no way validated or certified the results of the organizations listed on that page. For more information, please see our Frequently Asked Requests and Questions pages.
http://www.sei.cmu.edu/sema/profile.html
Security Improvement Modules
CMU/SEI-SIM-012,
ADA412014
Outsourcing Managed Security Services
Allen, J.; Gabbard, D.; & May, C.
As computer attack patterns shift and threats to networks change and grow almost daily, it is critical that organizations achieve reliable information security. Investment decisions about information security are best considered in the context of managing business risk. Risks can be accepted, mitigated, avoided, or transferred. Outsourcing selected managed security services (MSS) by forming a partnership with a Managed Security Service Provider (MSSP) is often a good solution for transferring information security responsibility and operations. Although the organization still owns information security risk and business risk, contracting with an MSSP allows it to share risk management and mitigation approaches.
http://www.sei.cmu.edu/publications/documents/sims/sim012.html
Special Reports
CMU/SEI-2003-SR-009,
ADA418481
Demonstrating the Impact and Benefits of CMMI: An Update and Preliminary Results
Goldenson, D. & Gibson, D.
There is a widespread demand for evidence about the impact and benefits of process improvement based on Capability Maturity Model[R] Integration (CMMI[R]) models. Much has been documented about the practice of CMM[R]-based process improvement and its value for the development and maintenance of software and software-intensive systems; however, the existing information is sometimes outdated and there are increasing calls for evidence directly based on CMMI experience. This special report presents selected results from 12 case studies drawn from 11 organizations. While still limited, the case studies provide credible evidence that CMMI-based process improvement can help organizations achieve better project performance and produce higher quality products. The report also describes plans for gathering further evidence from organizations using CMMI models.
http://www.sei.cmu.edu/publications/documents/03.reports/03sr009.html
CMU/SEI-2003-SR-004
ADA416604
Third International Workshop on Adoption-Centric Software Engineering
editors: Balzer, R.; Jahnke, J.; Litoiu, M.; Muller, H.; Smith, D.; Storey, M.; Tilley, S.; Wong, K.; & Weber, A.
This report contains a set of papers that were presented at the Third International Workshop on Adoption-centric Software Engineering (ACSE). The papers focused on overcoming barriers to adopting research tools. Such barriers include the user's lack of familiarity with the tools, the mismatch between the tools and the users' cognitive models, a lack of interface maturity, limited tool scalability, poor interoperability and limited support for complex software engineering development tasks. The workshop papers explored innovative approaches to the adoption of software engineering tools and practices in particular by embedding them with middleware products and other commonly available commercial products.
http://www.sei.cmu.edu/publications/documents/03.reports/03sr004.html
CMU/SEI-2003-SR-007,
ADA418458
CMMI Interpretive Guidance Project: Preliminary Report
Chrissis, M.; Wemyss, G.; Goldenson, D.; Konrad, M.; Smith, K.; & Svolou, A.
The CMMI[R] (Capability Maturity Model[R] Integration) Interpretive Guidance project was formed to help commercial software, information technology (IT), and information systems (IS) organizations adopt CMMI. Project members collected data to learn more about how CMMI is being accepted by these organizations. This report describes the data-collection activities and includes summaries of the data collected through August 2003.
The project received both positive and negative comments that lead to some interesting and surprising observations. Overall, the positive comments greatly outnumbered the negative. Input provided by commercial software, IT, and IS organizations was similar to input from organizations from other disciplines.
Organizations reported that CMMI is adequate for guiding their process improvement activities and that CMMI training courses and appraisal methods are suitable for their needs, although there are specific opportunities for improvement. Having two representations caused concern and confusion for some but was a benefit for others, so the project will investigate these comments further to see what can be done to address these concerns. The cost of CMMI is an issue that affected adoption decisions for some but not for others. Finally, return-on-investment information is usually helpful to organizations when making the business case to adopt CMMI.
http://www.sei.cmu.edu/publications/documents/03.reports/03sr007.html
CMU/SEI-2003-SR-001
ADA416434
International Liability Issues for Software Quality
Mead, N.
This report focuses on international law related to cybercrime, international information security standards, and software liability issues as they relate to information security for critical infrastructure applications. Each area is explored and implications for U.S. policy and efforts to create cyber security policy worldwide are discussed. Recommendations are made for U.S. government participation and leadership.
This report is one of a series of reports on U.S. policy by the CERT Coordination Center[R]. Prior reports focused on international infrastructure for global security incident response and the technical challenges and global policy issues of tracking and tracing cyber attacks.
http://www.sei.cmu.edu/publications/documents/03.reports/03sr001.html
Technical Notes
CMU/SEI-2003-TN-009,
ADA414868
Application of Options Analysis for Reengineering in a Lead System Integrator Environment
Bergey, J.; O'Brien, L.; & Smith, D.
Because most organizations have a substantial legacy base of existing software assets, few development efforts start from scratch. However, there has not been a systematic way to identify components for reuse or to understand the types of changes that would be required for insertion into a software product line architecture or a new software architecture.
Options Analysis for Reengineering[SM] (OAR[SM]) is an approach for making decisions on mining software assets. Mining involves rehabilitating parts of an old system for use in a new system. OAR identifies potential reusable components and analyzes the changes that would be needed to rehabilitate them for reuse within a software product line or new software architecture. OAR also provides an analysis of mining options, as well as the cost, effort, level of difficulty, and risks associated with each option. Recently, OAR has been applied to help a lead system integrator (LSI) make effective decisions on reuse. An LSI is the agent for an organization that is responsible for acquiring a large software-intensive system or system of systems. This note describes the use of OAR to guide decision making on mining assets within an LSI context, referred to as LSI OAR.
http://www.sei.cmu.edu/publications/documents/03.reports/03tn009.html
CMU/SEI-2003-TN-003,
ADA412025
Applying FSQ Engineering Foundations to Automated Calculation of Program Behavior
Linger, R.
No software engineer can say with assurance how a sizable program, with its virtually infinite number of possible execution paths, will behave, that is, what it will do, in all circumstances of use. This incredible reality, widely acknowledged but little discussed, lies at the heart of intractable problems experienced in software development and use over the past 40 years. If full behavior is unknown, so too are embedded errors, vulnerabilities, and malicious code that can emerge in use. While this reality has seemed inevitable in the past, it need not be so in the future. The SEI CERT Research Center has been conducting research on Flow-Service-Quality (FSQ) engineering for complex, network-centric system analysis and development. FSQ Flow Structures treat the control structures of programs as rules, or implementations, of mathematical functions, that is, mappings from domains to ranges. The function, or behavior, of any control structure can be abstracted into a procedure-free statement that specifies its net functional effect in all circumstances of use with mathematical precision. The finite number of control structures in a program can be abstracted in stepwise fashion in an algebra of functions, to arrive at a precise statement of the program's overall behavior. The mathematical foundations largely exist, and development of such a capability is feasible, albeit difficult. Automated program behavior calculation would have a dramatic effect on software and systems engineering, and enable a new level of assurance in trustworthy systems. This report briefly summarizes research to date on Flow Structures and describes the application of their function-theoretic mathematical foundations to the problem of program behavior calculation.
http://www.sei.cmu.edu/publications/documents/03.reports/03tn003.html
CMU/SEI-2003-TN-008
ADAA413856
Architecture Reconstruction Case Study
O'Brien, L. & Stoermer, C.
This report outlines an architecture reconstruction carried out at the Software Engineering Institute (SEI) on a software system called VANISH that was developed for prototyping visualizations. The goals of the reconstruction were to understand the existing VANISH system and to use a new architecture reconstruction tool, called ARMIN, for the reconstruction, while ensuring that ARMIN has at least the same capabilities as the Dali Architecture Reconstruction Workbench.
During the reconstruction several architectural views were generated through abstraction of low-level information extracted from the system. These views show the components of the system and the interfaces among them. The ARMIN tool provides the ability to visualize, navigate, and manipulate the set of views generated, and yields results technically compatible with the Dali Workbench but with improved presentation and layout.
http://www.sei.cmu.edu/publications/documents/03.reports/03tn008.html
CMU/SEI-2003-TN-028,
ADA421619
Architecture Reconstruction of J2EE Applications: Generating Views from the Module Viewtype
O'Brien, L. & Tamarree, V.
This report outlines the application of architecture reconstruction techniques to the Sun Microsystems' Duke's Bank system, a Java2 Platform, Enterprise Edition/Enterprise JavaBeans (J2EE/EJB) application implemented mainly in Java. The goal of the reconstruction was to apply architecture reconstruction techniques to a system implemented in Java to produce a set of views that depict that system's architecture. Decomposition style views of the module viewtype were used. They focus on the "is part of" relation and show how the system is decomposed into modules and submodules.
During the reconstruction, several decomposition style views of the architecture were generated using the Understand for Java tool. That tool extracted and then abstracted low-level source information from the system. Then that information was formatted using Perl scripts, so it could be loaded into the Architecture Reconstruction and Mining (ARMIN) tool developed by the Carnegie Mellon Software Engineering Institute and the Robert Bosch Corporation. The resulting views showed the architectural elements of the Duke's Bank system and the dependencies among them.
http://www.sei.cmu.edu/publications/documents/03.reports/03tn028.html
CMU/SEI-2003-TN-011,
ADA443473
Building Relationships between Small Manufacturing Enterprises and Vendors: Findings from the TIDE Program
Estrin, L. & Foreman, J.
Small manufacturing enterprises (SMEs) are vital to the economic and military strength of the United States. However, many SMEs struggle to keep pace with advances in software-based manufacturing technologies. Several factors contribute to this situation. SMEs often lack the business, process, and technical expertise to implement advanced technologies. Additionally, vendors and value-added resellers (VARs) are reluctant to target this market. For vendor/VAR-SME relationships to succeed, both parties must redefine many of the roles and rules that guide the sales process. This technical note describes activities of the Technology Insertion Development and Evaluation program at the Software Engineering Institute, and presents findings to help vendors, VARs, and SMEs develop mutually beneficial and successful relationships.
http://www.sei.cmu.edu/publications/documents/03.reports/03tn011.html
CMU/SEI-2003-TN-015
ADA416418
CMM[R]-Based Process Improvement and Schedule Deviation in Software Maintenance
Jung, H. & Goldenson, D.
The objective of this study is to evaluate the predictive validity of the Capability Maturity Model[R] (CMM[R]) for Software (SW-CMM) as applied to software maintenance.
The SW-CMM is intended to apply to both software development and maintenance. A basic premise (hypothesis) of the SW-CMM is that improving process maturity will result in better project performance and product quality. The extent to which that hypothesis is supported empirically is called a test of its predictive validity. No previous evaluation exists of the predictive validity of the SW-CMM in a maintenance context.
The extent to which schedule estimates differ from reality is one important measure of project performance. But is higher maturity in fact correlated with a reduction in schedule deviation? Data from 752 maintenance projects drawn from 441 SW-CMM assessments are analyzed using a zero inflated Poisson (ZIP) regression model, and the results are validated using a bootstrap estimation method. Projects from higher maturity organizations typically report less schedule deviation than those from organizations assessed at lower maturity levels.
http://www.sei.cmu.edu/publications/documents/03.reports/03tn015.html
CMU/SEI-2003-TN-033
ADA421683
Common Concepts Underlying Safety, Security, and Survivability Engineering
Firesmith, D.
This technical note presents a consistent set of information models that identify and define the foundational concepts underlying safety, security, and survivability engineering. In addition, it shows how quality requirements are related to quality factors, subfactors, criteria, and metrics, and it emphasizes the similarities between the concepts that underlie safety, security, and survivability engineering. The information models presented in this technical note provide a standard terminology and set of concepts that explain the similarities between the asset-based, risk-driven methods for identifying and analyzing safety, security, and survivability requirements as well as a rationale for the similarity in architectural mechanisms that are commonly used to fulfill these requirements.
http://www.sei.cmu.edu/publications/documents/03.reports/03tn033.html
CMU/SEI-2003-TN-024,
ADA418401
Deriving Enterprise-Based Measures Using the Balanced Scorecard and Goal-Driven Measurement Techniques
Goethert, W. & Fisher, M.
This technical note describes the synergistic application of the balanced scorecard and goal-driven measurement methodologies to develop measures and associated indicators for measuring an organization's health and performance. Through this iterative approach, an organization's strategic goals and subgoals are mapped to the balanced scorecard and refined. The goal-question-(indicator)-measurement methodology is then applied to identify indicators and measures for each scorecard dimension. A hypothetical example of how to apply the methodology at a "typical" organization performing software development and maintenance activities is provided. The example yields typical indicators to illustrate the methodology.
http://www.sei.cmu.edu/publications/documents/03.reports/03tn024.html
CMU/SEI-2003-TN-027,
ADA418352
DoD Experience with the C4ISR Architecture Framework
Wood, W. & Cohen, S.
The Department of Defense (DoD) is mandating the use of the Command, Control, Communications, Computer, Intelligence, Surveillance, and Reconnaissance Architecture Framework (C4ISRAF) for large-scale software-intensive systems. The authors conducted eight interviews with personnel who have used the C4ISRAF in acquisition projects. The intent of the interviews was to find the strengths and weaknesses of the C4ISRAF, so that this information could be communicated to future users of the framework. This technical note discusses the context for using the C4ISRAF, the observations made during the interviews about its use, and the strengths and challenges of using it. Suggestions for overcoming these challenges also are included.
http://www.sei.cmu.edu/publications/documents/03.reports/03tn027.html
CMU/SEI-2003-TN-023
ADA418423
Documenting Software Architectures in an Agile World
Clements, P.; Ivers, J.; Little, R.; Nord, R. & Stafford, J.
This report compares the Software Engineering Institute's Views and Beyond approach for documenting software architectures with the documentation philosophy embodied in agile software-development methods. This report proposes an approach for capturing architecture information in a way that is consistent with agile methods.
http://www.sei.cmu.edu/publications/documents/03.reports/03tn023.html
CMU/SEI-2003-TN-006
ADA416453
DoD Architecture Framework and Software Architecture Workshop Report
Wood, W.; Barbacci, M.; Clements, P.; Palmquist, S.; Ang, H.; Bernhardt, L.; Dandashi, F.; Emery, D.; Sheard, S.; Uzzle, L.; Weiler, J.; & Krummenoehl, A.
During the Software Engineering Institute's Workshop on the Department of Defense Architecture Framework and Software Architecture, participants from government, industry, and academia discussed the similarities and differences between system and software architecture representations, and how these representations relate with one another. This technical note summarizes the activities of that workshop.
http://www.sei.cmu.edu/publications/documents/03.reports/03tn006.html
CMU/SEI-2003-TN-007,
ADA412315
Federation Object Model (FOM) Flexible Federate Framework, A
Dumond, R. & Little, R.
The concept of a framework as a reusable software component has become a state-of-the-practice technique in software companies. A number of frameworks based on High Level Architecture (HLA) are available commercially, and many companies have developed their own frameworks for internal applications. Using a framework reduces development time and allows software architects and programmers to focus on the unique aspects of the simulation. However, the challenge of developing a reusable component to support dynamic reconfigurability remains. Indeed, existing frameworks use a static object-model representation that requires full knowledge of object model components when a federate is built (at compile-time). This report describes an approach to designing a domain framework that encapsulates expertise in developing an HLA federate by hiding runtime infrastructure (RTI) internal operations from the developer. This approach uses a Java[TM] virtual machine and a parser to map object representations of federation object model (FOM) elements dynamically.
http://www.sei.cmu.edu/publications/documents/03.reports/03tn007.html
CMU/SEI-2003-TN-038,
ADA421615
Integrating the Architecture Tradeoff Analysis Method (ATAM) with the Cost Benefit Analysis Method (CBAM)
Nord, R.; Barbacci, M.; Clements, P.; Kazman, R.; Klein, M.; O'Brien, L.; & Tomayko, J.
The Architecture Tradeoff Analysis Initiative at the Carnegie Mellon[R] Software Engineering Institute (SEI) has developed a number of architecture-centric methods currently in use including the SEI[SM] Architecture Tradeoff Analysis Method (ATAM), the SEI Quality Attribute Workshop (QAW), the SEI Cost Benefit Analysis Method (CBAM), SEI Active Reviews for Intermediate Designs (ARID), and the SEI Attribute-Driven Design (ADD) method. Building on our success in developing and piloting a collection of software architecture methods, we're now focusing on integrating them, and building the bridges between them and the processes and architecture efforts outside the SEI, all the while continuing to refine existing methods and models.
This technical note reports on a proposal to integrate the SEI ATAM and SEI CBAM. The ATAM provides software architects with a framework for understanding the technical tradeoffs and risks they face as they make design decisions, but it does not provide any guidance for understanding economic tradeoffs. The CBAM helps software architects consider the return on investment of any architectural decision and provides guidance on the economic tradeoffs involved. The CBAM takes the architectural decision analysis done during the ATAM and helps make it part of a strategic roadmap for software design and evolution by associating priorities, costs, and benefits with architectural decisions.
http://www.sei.cmu.edu/publications/documents/03.reports/03tn038.html
CMU/SEI-2003-TN-005
ADAA413696
Interpreting Capability Maturity Model[R] Integration (CMMI[R]) for Service Organizations - a Systems Engineering and Integration Services Example
Herndon, M.; Moore, R.; Phillips, M.; Walker, J.; & West, L.
Capability Maturity Model[R] Integration (CMMI[R]) provides a framework for improving the processes organizations use to develop, deliver, and maintain products and services. This technical note presents one organization's interpretation of CMMI best practices for organizations that primarily provide services. Service organizations can use this example interpretation of CMMI practices to inform management and staff about how CMMI practices apply to their work. The interpretation will also help appraisal team members ensure that implemented practices provide the business value necessary to satisfy the goals for quality process improvement that are stated in the CMMI models.
http://www.sei.cmu.edu/publications/documents/03.reports/03tn005.html
CMU/SEI-2003-TN-026
ADA421679
Life-Cycle View of Architecture Analysis and Design Methods, A
Many architecture-centric analysis and design methods have been created in the past 10 years at the Software Engineering Institute, beginning with the Software Architecture Analysis Method (SAAM). The SAAM inspired the creation of other methods, namely the Architecture Tradeoff Analysis Method[SM], the Quality Attribute Workshop, the Cost-Benefit Analysis Method, Active Reviews for Intermediate Designs, and the Attribute-Driven Design method.
As these methods become more widespread, more widely adopted, and integrated into the software development life cycle, organizations inevitably will want to tailor them. Consequently, organizations that wish to include quality-attribute-based requirements, explicit architecture design, and architecture analysis in their software development life cycles will be best served if they can do so "organically." The steps and artifacts of the five methods listed above, therefore, may require tailoring, blending, and, in some cases, removal when integrated into an existing life cycle.
This report examines these methods and activities to understand their commonalities and relationships to life-cycle changes, and proposes a means of tailoring the activities so that they can fit more easily into existing life-cycle models.
http://www.sei.cmu.edu/publications/documents/03.reports/03tn026.html
CMU/SEI-2003-TN-031,
ADA418393
Measures for Software Product Lines
Zubrow, D. & Chastek, G.
This technical note characterizes the status of measurement associated with the operation of a software product line, suggests a small set of measures to support its management, and provides guidance for those establishing measurement activities within a software product line. It is intended to help managers of software product lines develop a set of base measures for tracking those categories of needs most relevant to their organization's products, projects, and processes. The measures suggested here range from relatively mature to those whose general utility has yet to be validated. Therefore, an organization using this paper needs to assess its ability to generate the measures and the value they are likely to return to the organization. In most cases, an organization may wish to start with a subset of the measures described.
http://www.sei.cmu.edu/publications/documents/03.reports/03tn031.html
CMU/SEI-2003-TN-001,
ADA412319
On the Suitability of Tcl/Tk for SYS
Hansen, W.
The Software Engineering Institute (SEI) was called on recently to examine a system, hereafter called SYS, written entirely in the Tool Control Language/Toolkit (Tcl/Tk) language. In response to some negative comments in the SEI's report, the developers presented a list of systems purported to demonstrate the viability of Tcl/Tk as a development tool. A review of the 67 listed systems found that Tcl/Tk is indeed practical for developing large systems.
Small systems written in the language often follow a paradigm of "classic Tcl/Tk windows." SYS embraced this approach to the extent of involving hundreds of windows. The review showed that no other large system written in Tcl/Tk has anywhere near as many such windows. User interviews suggested that the number of different windows was indeed a problem. SYS should consider an alternative design, perhaps a Web-based approach. Some design criteria are described at the end of the report.
http://www.sei.cmu.edu/publications/documents/03.reports/03tn001.html
CMU/SEI-2003-TN-017
ADA418466
Predicting When Product Line Investment Pays
Cohen, S.
A product line approach may appear very attractive, with obvious benefits in speedier time to market and higher quality; however, many organizations demand financial justification before proceeding. Without knowing costs, the decision makers won't budget funds or personnel to carry out the up-front asset construction tasks. In addition, not all organizations are ready to commit up front to a full asset set, one that covers most if not all product line features. Many managers favor an incremental approach to product line adoption, one that first tackles areas of highest and most readily available commonality, earning payback early in the adoption cycle.
This report defines key factors to consider in taking an incremental approach to fielding a product line. An organization building a business case can apply these factors to show that product line investment can result in product development savings. The example presented here shows a net savings of almost $180 million in projects that would have cost about $600 million under traditional development approaches. The $180 million in savings takes into account an investment of $54 million in product line start-up costs. The example also illustrates ways to present the data needed to make a compelling business case.
http://www.sei.cmu.edu/publications/documents/03.reports/03tn017.html
CMU/SEI-2003-TN-016
ADA416429
Proceedings of the System of Systems Interoperability Workshop (February 2003)
Levine, L.; Meyers, C.; Morris, E.; Place, P.; & Plakosh, D.
The Software Engineering Institute has initiated an internal research and development effort to investigate interoperability between systems. As part of the research, a workshop was held in February 2003 with an advisory board of Department of Defense experts. A preliminary model of interoperability was presented and feedback on the model was requested. This technical note documents the model of interoperability presented and the findings from the workshop.
http://www.sei.cmu.edu/publications/documents/03.reports/03tn016.html
CMU/SEI-2003-TN-004
ADA418413
Real-Time Application Development with OSEK: A Review of the OSEK Standards
Feiler, P.
OSEK is an abbreviation for a German term that translates to "open systems and the corresponding interfaces for automotive electronics." OSEK OS is the operating system specification and OSEK COM is the communication specification. Both are application program interface (API) standards for automotive real-time application development. They are complemented by OSEK Implementation Language (OIL), a modeling language for describing the configuration of an OSEK application and operating system.
This paper covers the SEI evaluation of these standards from the perspective of real-time application development. The SEI identified shortcomings in the description and semantics of certain services offered by the OSEK API. These shortcomings introduce unnecessary complexity to application developers and limit application portability. The SEI also identified the potential of OIL as an architectural modeling language to support design-time analyses, such as schedulability analysis. OIL's potential as a basis for generating both real-time OS data tables and an application runtime executive was examined. Utilizing OIL in this way simplifies application component development. Correct use of OSEK API functionality is then relegated to a generation tool that operates on OIL. Such improvements would facilitate practitioners' adoption of OSEK by reducing its perceived complexity.
http://www.sei.cmu.edu/publications/documents/03.reports/03tn004.html
CMU/SEI-2003-TN-002
ADA412017
Rendering Tcl/Tk Windows as HTML
Hansen, W.
Tool Control Language (Tcl) is a programming language having a Toolkit (Tk) library that provides a standard set of graphical user interface (GUI) widgets. Since these are aimed at direct presentation via a window manager, Tcl/Tk applications are not compatible with Web-based service delivery environments. Several tools provide some help, but do not provide a migration path for eventual full conversion to Web-based delivery. This note suggests a new approach. For the particular application prompting this note, the GUI consists almost entirely of Tk widgets, especially tables and buttons. Hypertext Markup Language (HTML) offers these same widgets, so it is natural to consider delivering Tk windows by expressing their contents in HTML. To demonstrate this possibility, the Tk library was altered to generate HTML. As described in the paper, this shows that the Tcl/Tk internal data structures are sufficient to generate appropriate HTML commands having the same user interface as that presented by the application. Consequently, it is possible to add to Tk a fourth GUI interface in parallel to the existing ones for Unix, Macintosh, and MS Windows.
http://www.sei.cmu.edu/publications/documents/03.reports/03tn002.html
CMU/SEI-2003-TN-013
ADA418410
Requirements Engineering for Survivable Systems
Mead, N.
This report describes the current state of requirements engineering for survivable systems, that is, systems that are able to complete their mission in a timely manner, even if significant portions are compromised by attack or accident. Requirements engineering is defined and requirements engineering activities are described. Survivability requirements are then explained, and requirements engineering methods that may be suitable for survivable systems are introduced. The report concludes with a summary and a plan for future research opportunities in survivable systems requirements engineering.
http://www.sei.cmu.edu/publications/documents/03.reports/03tn013.html
CMU/SEI-2003-TN-020
ADA455617
Selecting Advanced Software Technology in Two Small Manufacturing Enterprises
Anderson, B.; Estrin, L.; & Buhman, C.
Small manufacturing enterprises (SMEs) face a number of challenges when selecting and implementing advanced manufacturing technologies. These challenges may include the lack of awareness of the specific technologies and commercial products available, the lack of ability to select the appropriate product, and the lack of skill sets needed to utilize the selection techniques. This paper documents the actual process and benefits of advanced software technologies adoption by two SMEs. Considerations for defining requirements and selecting a software product are described. This note explains the issues involved for SMEs, presents methods they can use, and provides artifacts used in this documented case.
http://www.sei.cmu.edu/publications/documents/03.reports/03tn020.html
CMU/SEI-2003-TN-025
ADA418453
Snapshot of CCL: A Language for Predictable Assembly
Wallnau, K. & Ivers, J.
Construction and composition language (CCL) plays several roles in our approach to achieving automated predictable assembly. CCL is used to produce specifications that contain structural, behavioral, and analysis-specific information about component technologies, as well as components and assemblies in such technologies. These specifications are translated to one or more reasoning frameworks that analyze and predict the runtime properties of assemblies. CCL processors can also be used to automate many of the constructive activities of component-based development through various forms of program generation. Using a common specification for prediction and construction improves confidence that analysis models match implementations. This report presents a snapshot of CCL by examining a small example CCL specification.
http://www.sei.cmu.edu/publications/documents/03.reports/03tn025.html
CMU/SEI-2003-TN-029
ADA418396
Software Engineering Institute's Second Workshop on Predictable Assembly: Landscape of Compositional Predictability, The
Stafford, J. & Hissam, S.
To further its work in predictable assembly focusing on compositional reasoning techniques, the Software Engineering Institute (SEI) held its second Predictable Assembly from Certifiable Components (PACC) Workshop on January 10-11, 2003. Six leading researchers in component-based software engineering were invited to discuss topics related to compositional reasoning with members of the SEI technical staff. During the workshop, participants articulated the current state of research, identified gaps in the available technology, and set the direction for future efforts.
http://www.sei.cmu.edu/publications/documents/03.reports/03tn029.html
CMU/SEI-2003-TN-030
ADA418354
Template for Documenting Prediction-Enabled Component Technologies, A
Merson, P.
Prediction-enabled component technology (PECT) is an approach to predicting the behavior of systems built from components with known properties. An important artifact produced by the PECT development process is the documentation of the technologies, tools, and theories as integral elements of the PECT, as well as the results and conclusions of the application of the PECT to a group of systems. This report suggests a template for documenting a PECT. The report also provides guidelines and a few examples to help PECT developers consolidate the broad range of information produced in the PECT development process into a single, organized volume.
http://www.sei.cmu.edu/publications/documents/03.reports/03tn030.html
CMU/SEI-2003-TN-012
ADA418415
Using the Architecture Tradeoff Analysis Method℠ (ATAM℠) to Evaluate the Software Architecture for a Product Line of Avionics Systems: A Case Study
Barbacci, M.; Clements, P.; Lattanze, A.; Northrop, L.; & Wood, W.
The quality of a software-intensive system depends heavily on the system's software architecture. When used appropriately, software architecture evaluations can have a favorable effect on a delivered or modified government system. This technical note describes the application of the Architecture Tradeoff Analysis Method (ATAM) to an Army avionics system acquisition. A government-contractor team is developing the Common Avionics Architecture System (CAAS) for a family of U.S. Army Special Operations helicopters. This technical note presents the contextual background about the software architecture, the organization, and the system being evaluated. It also provides a general overview of the ATAM process, describes the application of the ATAM to the CAAS, and presents important results and benefits.
http://www.sei.cmu.edu/publications/documents/03.reports/03tn012.html
CMU/SEI-2003-TN-021
ADA418418
What About Ada? The State of the Technology in 2003
Smith, A.
The projected life-cycle cost of a system is a central concern for any program manager (PM) in the Department of Defense (DoD). Choices made early in system development, such as choosing appropriate programming languages, can have profound effects on life-cycle cost.
This report documents a recent investigation which characterized the technical and programmatic risks in reusing significant quantities of legacy Ada code in a new system. The investigation attempted to answer three questions: First, what is the business case for Ada? Second, how is Ada viewed by the defense industry? Third, how is Ada supported by academe? The results of this investigation point to a bleak future for Ada: no longer in the mainstream of computer science education, software engineering practice, or commercial support, Ada is little more than a niche language used primarily within the DoD community and in limited civilian market segments, especially where there is defense market crossover or similar requirements as in commercial aviation, process control, and medical instrumentation.
The data collected in this report should help PMs evaluate the risks, both during initial development and throughout the entire life cycle, of using Ada for software-intensive systems.
http://www.sei.cmu.edu/publications/documents/03.reports/03tn021.html
Technical Reports
CMU/SEI-2003-TR-013
ADA421777
Advanced Engineering Environments for Small Manufacturing Enterprises: Volume I
Fenves, S.; Sriram, R.; Choi, Y.; Elm, J.; & Robert, J.
Advanced engineering environments (AEEs) are computational and communications systems that link researchers, technologists, designers, manufacturers, suppliers, and customers during the design phase of a product. AEEs consist of design tools, data repositories, and the networks that link these components and other enterprise processes. AEEs can improve the productivity of small manufacturing enterprises (SMEs), but many SMEs do not know how to use them. This report is the first of a two-volume series providing an overview of AEE technologies, their benefits for SMEs, and the technical considerations for AEE adoption.
http://www.sei.cmu.edu/publications/documents/03.reports/03tr013.html
CMU/SEI-2003-TR-010
ADA413706
Basis for an Assembly Process for COTS-Based Systems (APCS), A
Carney, D.; Place, P.; & Oberndorf, P.
This paper describes a generic process framework for developing software systems based on commercial off-the-shelf (COTS) products. The framework is based on Barry Boehm's familiar spiral development process. However, it is primarily intended for projects that make significant use of commercial components and other pre-existing software as elements of the system to be fielded. The aspects of the process that are most affected by this reliance on COTS components lie in the area of requirements, and the description of the process is most extensive in that area. The necessity of using system prototypes as the major vehicle for reducing risk is assumed, as are parallel and interleaved periods of gathering and refining knowledge about the system to be built. Each element of the process is first described and then depicted in several models, using Integrated Definition modeling technique (IDEF0). The paper describes how the interactions between the candidate COTS components, the stakeholders' implicit and explicit needs, and the context in which the system will operate all provide interacting constraints on both the process and the resulting system.
http://www.sei.cmu.edu/publications/documents/03.reports/03tr010.html
CMU/SEI-2003-TR-011
ADA416880
Case Study: Computer Supplier Evaluation Practices of the Parenteral Drug Association
Carney, D.; Greenawalt, H.; Grigonis, G.; & Oberndorf, P.
This case study describes the development of a method for evaluating computer and software suppliers for the pharmaceutical industry. The study describes the role of government regulation within the industry and the need for standardized audits of computer and software suppliers.
The audit method consists of six steps: initiation, pre-work, auditing, observations and reporting, decision, and follow-up. Each of these steps is described in detail, as are several features of the method: a data collection tool, an audit repository, and extensive auditor training supervised by an industry-regulated oversight agency.
Finally, the report describes the benefits of this audit method, together with a set of lessons learned about the audit of computer and software suppliers.
http://www.sei.cmu.edu/publications/documents/03.reports/03tr011.html
CMU/SEI-2003-TR-004
ADA413644
Deriving Architectural Tactics: A Step Toward Methodical Architectural Design
Bachmann, F.; Bass, L.; & Klein, M.
This is one of several reports that provide the current status on the work being done by the Software Engineering Institute (SEI) to understand the relationship between quality requirements and architectural design. The ultimate objective of this work is to provide analysis-based guidance to designers so that the quality attributes of generated designs are more predictable and better understood.
Currently, four distinct problems must be solved to achieve that objective: (1) the precise specification of quality attribute requirements, (2) the enumeration of architectural decisions that can be used to achieve desired quality attribute requirements, (3) a means of coupling one quality attribute requirement to the relevant architectural decisions, and (4) a means of composing the relevant architectural decisions into a design. Embodying the solutions to these four problems into a design method that is sensitive to business priorities is an additional problem. This report deals with the third problem: coupling one quality attribute requirement to architectural decisions that achieve it.
This report provides initial evidence that there is, in fact, a systematic relationship between general scenarios, concrete scenarios, architectural tactics, and design fragments. It examines, in detail, two concrete scenarios, one for performance and one for modifiability, and describes how to move from each scenario, through tactics, to design fragments that satisfy the scenario.
http://www.sei.cmu.edu/publications/documents/03.reports/03tr004.html
CMU/SEI-2003-TR-005
ADA418409
Evolution of Product Line Assets, The
McGregor, J.
Change is a natural, although not always welcome, part of product line development. The changes may be initiated to correct, improve, or extend assets or products. Since no asset is independent of all other assets, changes to one asset often require corresponding changes in other assets. And changes to assets propagate to affect all the products using those assets. Many of the practices of a successful product line initiate, manage, or consume these changes. Both conceptual techniques and software tools are available to assist in the management of these changes.
The focus of this technical report is how evolutionary changes affect the various types of assets in a software product line. Change can be anticipated and managed, or it can be unanticipated and potentially disruptive. This technical report defines a few basic evolution concepts and then discusses those product line practices that initiate, anticipate, control, and direct the evolution. Conceptual and automated techniques that support these practices are also presented.
http://www.sei.cmu.edu/publications/documents/03.reports/03tr005.html
CMU/SEI-2003-TR-007
ADA416733
Fifth DoD Product Line Practice Workshop Report
Bergey, J.; Cohen, S.; Fisher, M.; Jones, L.; Northrop, L.; & O'Brien, W.
The Software Engineering Institute (SEI) held the Fifth Department of Defense (DoD) Product Line Practice Workshop in August 2002 in conjunction with the Second Software Product Line Conference (SPLC2). The workshop was a hands-on meeting to identify industry-wide best practices in software product lines; to share DoD product line practices, experiences, and issues; to discuss ways in which specific product line practices are accomplished within the DoD; and to obtain feedback on the Version 2 pre-release draft of Software Product Line Acquisition: A Companion to a Framework for Software Product Line Practice written by the SEI. This report synthesizes the workshop presentations and discussions.
http://www.sei.cmu.edu/publications/documents/03.reports/03tr007.html
CMU/SEI-2003-TR-023
ADA418382
Identifying Commercial Off-the-Shelf (COTS) Product Risks: The COTS Usage Risk Evaluation
Carney, D.; Morris, E.; & Place, P.
The expansion in use of commercial off-the-shelf (COTS) products has been accompanied by an increase in program failures. Many of these failures have been due to a lack of familiarity with the changed approach that COTS products demand. This report describes the development of an approach to reduce the number of program failures attributable to COTS software: the COTS Usage Risk Evaluation (CURE). The origin of CURE and an overview of the method, along with detail on the materials and mechanisms used in CURE, are provided. The CURE process is outlined and the results of the evaluations that have been conducted are summarized. Finally, possible future directions for CURE are explored.
http://www.sei.cmu.edu/publications/documents/03.reports/03tr023.html
CMU/SEI-2003-TR-015
ADA416660
Integration of Computer-Aided Design and Finite Element Analysis Tools in a Small Manufacturing Enterprise
Elm, J. & Robert, J.
Small manufacturing enterprises face a number of challenges when integrating computer-aided design (CAD) tools and computer-aided engineering (CAE) tools into their design processes. One of the most significant challenges is interoperability across the wide range of commercial CAD and CAE tools. Although many of these tools support industry data standards and claim to be interoperable, the connection between them is not seamless.
This report summarizes two case studies of tool integration activities at one small manufacturer. The first study examines the enhancement of the product development process resulting from replacement of a two-dimensional CAD system with a three-dimensional CAD system. The second examines the creation of an in-house capability to perform finite element analysis (FEA), replacing analysis that had previously been outsourced.
As a result of these experiences, the manufacturer learned that improved productivity and superior designs could be obtained by integrating analysis into the design process at the earlier stages of conceptual and preliminary design. The manufacturer also learned that the design process and some design techniques had to change for the company to use the CAD and FEA tools effectively.
http://www.sei.cmu.edu/publications/documents/03.reports/03tr015.html
CMU/SEI-2003-TR-003
ADA416601
Interactions Among Techniques Addressing Quality Attributes
Eguiluz, H. & Barbacci, M.
There is very little published work on how techniques that promote different architectural qualities interact with each other. When developing a software system, software architects need to understand the relationships among these techniques. For example, if a system is compromised, architects must consider questions such as whether it makes sense to apply damage confinement to achieve dependability, while at the same time shutting down components to promote security. To help answer such questions, this report provides matrices in which various techniques for promoting different architectural qualities are analyzed relative to each other. Four architectural qualities were analyzed: performance, security, modifiability, and dependability. The techniques that promote each one were selected and categorized as promotion, detection, or correction. For each category, matrices are presented that provide a detailed description of why a particular interaction is positive, negative, or neutral, or cannot be determined without assessing a concrete system.
http://www.sei.cmu.edu/publications/documents/03.reports/03tr003.html
CMU/SEI-2003-TR-022
ADA418384
Interpreting Capability Maturity Model Integration (CMMI) for COTS-Based Systems
Tyson, B.; Albert, C.; & Brownsword, L.
Experience shows that engineering commercial off-the-shelf (COTS)-based systems requires fundamental changes from traditional engineering: adjusted roles and responsibilities, new skills, and different processes. Practitioners are often surprised to find that building and supporting COTS-based systems demands more, not less, discipline in their management and engineering practices.
Many organizations have derived benefit from process improvement using capability maturity models and want to apply them as they build COTS-based systems. In addition, organizations building COTS-based systems want to apply the Capability Maturity Model Integration (CMMI). This leads to the question, "How should CMMI be interpreted for organizations building, fielding, and supporting a COTS-based system?"
This report shows that developing and maintaining COTS-based systems is more than selecting products and managing vendor relationships and is, therefore, more than just applying the Supplier Sourcing discipline within CMMI. The four CMMI disciplines (Systems Engineering, Software Engineering, Integrated Product and Process Development, and Supplier Sourcing) require interpretation and must be used together to promote improvement of an organization's processes for developing and maintaining COTS-based systems. This report summarizes what makes COTS-based systems unique and provides high-level guidance for interpreting and using CMMI practices to facilitate appropriate processes for COTS-based systems.
http://www.sei.cmu.edu/publications/documents/03.reports/03tr022.html
CMU/SEI-2003-TR-020
ADA418389
Model Problem Approach to Measurement-to-Track Association, A
Lewis, G. & Meyers, B.
This is the first in a series of reports that illustrate the use of model problems in the design of a system. The problem considered is measurement-to-track association. A "track" represents the state data about an object in the environment, and has a set of associated attributes. "Measurement-to-track association" is the process of determining the relation between a measurement and an existing track. In this process, tracks that meet particular attribute criteria can be selected via filters. This report examines the development and application of filters that can be used as selector mechanisms. The report also presents an initial design of the model problem, by using concepts and constructs from Unified Modeling Language (UML), Executable UML (xUML), and Object-Oriented Analysis (OOA). Also covered are possible extensions to this work, related to performance considerations, additional filter types, and the distribution of filter information.
http://www.sei.cmu.edu/publications/documents/03.reports/03tr020.html
CMU/SEI-2003-TR-012
Overcoming Barriers to Technology Adoption in Small Manufacturing Enterprises (SMEs)
Estrin, L.; Foreman, J.; & Garcia, S.
Small manufacturing enterprises (SMEs) are critical to the defense industry of the United States. SMEs account for an average of 20% of the prime contracts and 40% of the subcontracts awarded by, or on behalf of, the Department of Defense. Suppliers, especially small businesses, also generate 80% or more of the manufacturing value-added of some weapon systems. Nevertheless, data from the National Coalition for Advanced Manufacturing (NACFAM) and other organizations indicate that many SMEs are unable to support the defense industry because they lack the required technologies. This report summarizes technology demonstrations, workforce development activities, and technology development efforts of the Technology Insertion Demonstration and Evaluation Program. The knowledge gained from these activities can help SMEs to overcome technology adoption barriers and acquire the capabilities that the defense industry requires.
http://www.sei.cmu.edu/publications/documents/03.reports/03tr012.html
CMU/SEI-2003-TR-021
ADA421618
Preliminary Design of ArchE: A Software Architecture Design Assistant
Bachmann, F.; Bass, L.; & Klein, M.
This report presents a procedure for moving from a set of quality attribute scenarios to an architecture design that satisfies those scenarios. This procedure is embodied in a preliminary design for an architecture design assistant named ArchE (Architecture Expert), which will be implemented on a rule-based platform. This report includes the theory and rationale precipitating the design of ArchE and then describes this design in detail.
http://www.sei.cmu.edu/publications/documents/03.reports/03tr021.html
CMU/SEI-2003-TR-017
ADA443491
Process for COTS Software Product Evaluation, A
Comella-Dorda, S.; Dean, J.; Lewis, G.; Morris, E.; Oberndorf, P.; & Harper, E.
The growing use of commercial software products in large systems makes evaluation and selection of appropriate products an increasingly essential activity. However, many organizations struggle in their attempts to select appropriate software products for use in systems. As part of a cooperative effort, the Software Engineering Institute and National Research Council Canada have defined a tailorable commercial off-the-shelf (COTS) software product evaluation process that can support organizations in making carefully reasoned and sound product decisions. The background fundamentals for that evaluation process, as well as steps and techniques to follow, are described in this report.
http://www.sei.cmu.edu/publications/documents/03.reports/03tr017.html
CMU/SEI-2003-TR-008
ADA421616
Product Line Analysis for Practitioners
Chastek, G. & Donohoe, P.
Planning for the development of products early in the lifetime of a software product line is critical to the success of that product line. Requirements for that development both affect and are affected by the product requirements.
This technical report describes the addition of development requirements to product line analysis. It further describes the refinement of product and development responsibilities, and the relationships among them, by use of examples specifically targeted at the practitioner of product line analysis.
http://www.sei.cmu.edu/publications/documents/03.reports/03tr008.html
CMU/SEI-2003-TR-016
ADA418428
Quality Attribute Workshops (QAWs), Third Edition
Barbacci, M.; Ellison, R.; Lattanze, A.; Stafford, J.; Weinstock, C.; & Wood, W.
The Quality Attribute Workshop (QAW) is a facilitated method that engages system stakeholders early in the life cycle to discover the driving quality attributes of a software-intensive system. The QAW was developed to complement the Architecture Tradeoff Analysis Method (ATAM) and provides a way to identify important quality attributes and clarify system requirements before the software architecture has been created.
This is the third edition of a technical report describing the QAW. We have narrowed the scope of a QAW to the creation of prioritized and refined scenarios. This report describes the newly revised QAW and describes potential uses of the refined scenarios generated during it.
http://www.sei.cmu.edu/publications/documents/03.reports/03tr016.html
CMU/SEI-2003-TR-019
ADA418398
SEI Independent Research and Development Projects
Bachmann, F.; Bass, L.; Carney, D.; Dietrich, S.; Feiler, P.; Garcia, S.; Klein, M.; Lattanze, T.; McHugh, J.; Meyers, B. C.; Morris, E.; Place, P.; Plakosh, D.; & Seacord, R.
Each year, the Software Engineering Institute (SEI) undertakes several Independent Research and Development (IR&D) projects. These projects serve to (a) support feasibility studies investigating whether further work by the SEI would be of potential benefit and (b) support further exploratory work to determine if there is sufficient value in eventually funding the feasibility study work as an SEI initiative. Projects are chosen based on their potential to mature and/or transition software engineering practices, develop information that will help in deciding whether further work is worth funding, and set new directions for SEI work. This report describes the IR&D projects that were conducted during fiscal year 2003 (October 2002 through September 2003).
http://www.sei.cmu.edu/publications/documents/03.reports/03tr019.html
CMU/SEI-2003-TR-006
ADA421661
SACAM: The Software Architecture Comparison Analysis Method
Stoermer, C.; Bachmann, F.; & Verhoef, C.
Comparing software architectures for any nontrivial system is a difficult task. Software architectures are designed with particular requirements and constraints, and are often poorly documented. However, organizations often need to select a software architecture for future development from several candidate architectures. The Software Architecture Comparison Analysis Method (SACAM) was created to provide the rationale for an architecture selection process by comparing the fitness of architecture candidates for required systems. The SACAM compares architectures based on a set of criteria derived from the business goals of an organization. SACAM was developed in a technical reuse context where an organization investigated architectural commonalities and differences to explore architectural designs for a software product line architecture. This report outlines a first version of the method and its underlying concepts.
http://www.sei.cmu.edu/publications/documents/03.reports/03tr006.html
CMU/SEI-2003-TR-001
ADA421664
State of the Practice of Computer Security Incident Response Teams (CSIRTs)
Killcrece, G.; Kossakowski, K.; Ruefle, R.; & Zajicek, M.
Keeping organizational information assets secure in today's interconnected computing environment is a challenge that becomes more difficult with each new "e" product and each new intruder tool. There is no one solution for securing information assets; instead a multi-layered security strategy is required. One of the layers that many organizations are including in their strategy today is a computer security incident response team, or CSIRT. This report provides an objective study of the state of the practice of incident response, based on information about how CSIRTs around the world are operating. It covers CSIRT services, projects, processes, structures, and literature, as well as training, legal, and operational issues. The report can serve as a resource both to new teams that are setting up their operations and to existing CSIRTs that are interested in benchmarking their operations.
http://www.sei.cmu.edu/publications/documents/03.reports/03tr001.html
CMU/SEI-2003-TR-014
ADA418430
Team Software Process (TSP) in Practice: A Summary of Recent Results, The
Davis, N. & Mullaney, J.
Most software organizations are facing critical business needs for better cost and schedule management, effective quality management, and cycle-time reduction. The Team Software Process addresses these critical business needs. This report provides results and implementation data from projects and individuals that have adopted the TSP. The results show that TSP teams are delivering essentially defect-free software on schedule, while improving productivity. These data can be used for benchmarking and planning, motivation, lessons learned, and other guidance to those currently using the TSP or considering its use. The report also illustrates adoption experiences of practitioners in the field, including TSP team members, their managers, and their coaches and instructors.
http://www.sei.cmu.edu/publications/documents/03.reports/03tr014.html
CMU/SEI-2003-TR-002
ADA414865
Trustworthy Refinement Through Intrusion-Aware Design
Ellison, R. & Moore, A.
High confidence in a system's survivability requires an accurate understanding of the system's threat environment and the impact of that environment on system operations. Unfortunately, existing development methods for secure and survivable information systems often employ a patchwork approach in which the focus is on deciding which popular security components to integrate rather than making a rational assessment of how to address the attacks that are likely to compromise the overall mission. This report proposes an intrusion-aware design model called trustworthy refinement through intrusion-aware design (TRIAD). TRIAD helps information system decision makers formulate and maintain a coherent, justifiable, and affordable survivability strategy that addresses mission-compromising threats for their organization. TRIAD also helps in evaluating and maintaining an information system design in terms of its ability to implement a survivability strategy. This report demonstrates the application of TRIAD to the refinement of a survivability strategy for a business that sells products over the Internet.
TRIAD provides a solid foundation for the further refinement, experimentation, and validation of an approach to exploit knowledge of intruder behavior to improve system architecture design and operations. Ultimately, with effective tool support and evidence of its efficacy, TRIAD will be integrated with more comprehensive life-cycle models for the development and maintenance of high-confidence systems.
http://www.sei.cmu.edu/publications/documents/03.reports/03tr002.html
CMU/SEI-2003-TR-009
ADA413574
Volume III: A Technology for Predictable Assembly from Certifiable Components
Wallnau, K.
This report is the final volume in a three-volume series on component-based software engineering. Volumes I and II identified market conditions and technical concepts of component-based software technology, respectively. Volume III (this report) focuses on how component technology can be extended to achieve predictable assembly from certifiable components (PACC). An assembly of software components is predictable if its runtime behavior can be predicted from the properties of its components and their patterns of interactions. A component is certifiable if its (predictive) properties can be objectively measured or otherwise verified by independent third parties. This report identifies the key technical concepts of PACC, with an emphasis on the theory of prediction-enabled component technology (PECT).
http://www.sei.cmu.edu/publications/documents/03.reports/03tr009.html